Cointelegraph via PANews reports TRM Labs identifying that Embargo, potentially a rebranded BlackCat group, has transferred over $34M since April, targeting high downtime industries in the US.
According to Cointelegraph via PANews, TRM Labs reported that ransomware group Embargo has transferred over $34 million in ransom-related cryptocurrency since April, currently holding about $18.8 million in unaffiliated wallets to delay detection or exploit favorable money laundering conditions. Operating under a ransomware-as-a-service model, the group targets high downtime sectors including healthcare, business services, and manufacturing, with a focus on US victims. TRM Labs suggests Embargo may be a rebranded version of the notorious BlackCat (ALPHV) group, which vanished earlier this year following a suspected exit scam. The group employs a dual extortion strategy, encrypting systems and threatening data release, sometimes publicly naming victims.